funsec mailing list archives
Re: Microsoft announce most secure OS on the planet
From: Gadi Evron <ge () linuxbox org>
Date: Mon, 20 Apr 2009 21:31:05 +0300
David Harley wrote:
Facinating. Think of how secure DOS and CP/M are by this standard.My daughter had an exquisitely safe laptop made by Vtech.
Rich started this by saying that he believes some software is weaker, and some is percieved as weaker. And that popularity has nothing to do with security. I agree with his first two points, I disagree with the other two. While there are always security vulnerabilities to be found, someone has to look for them. If your goal is stealth, you will likely develop a 0day, or try to hide in some fashion. But let's be honest folks, very popular software and especially mono-culture software (Windows, Adobe Acrobat, Cisco IOS, etc.) have a lot of risk attached to them being famous. Consider the early days of Internet Explorer vs. Mozilla. While Mozilla has better code in my opinion (anybody has better code than IE!), it was targeted significantly less than IE. Then, when it became popular it started getting targeted much more often. The same goes with the Mac and OS X. As the Mac becomes more popular it becomes a rich target for the mass exploitation of worms, etc. and criminals start targeting it. I have often claimed that the Mac's day is coming, and it's almost fully here. Adam O'Donnell has a very interesting game-theory based presentation on the Mac angle. So yes, security by obscurity does work, folks. Once again, it does. But it doesn't hold water as the only strategy. Saying that a software's popularity has no impact on how often it is exploited by the mass-exploitation devices is inane. Gadi. _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- Re: Microsoft announce most secure OS on the planet, (continued)
- Re: Microsoft announce most secure OS on the planet security curmudgeon (Apr 15)
- Re: Microsoft announce most secure OS on the planet Larry Seltzer (Apr 15)
- Re: Microsoft announce most secure OS on the planet security curmudgeon (Apr 15)
- Re: Microsoft announce most secure OS on the planet Rich Kulawiec (Apr 19)
- Re: Microsoft announce most secure OS on the planet Valdis . Kletnieks (Apr 20)
- Re: Microsoft announce most secure OS on the planet der Mouse (Apr 20)
- Re: Microsoft announce most secure OS on the planet Larry Seltzer (Apr 20)
- Re: Microsoft announce most secure OS on the planet David Harley (Apr 20)
- Re: Microsoft announce most secure OS on the planet Larry Seltzer (Apr 20)
- Re: Microsoft announce most secure OS on the planet David Harley (Apr 20)
- Re: Microsoft announce most secure OS on the planet Gadi Evron (Apr 20)
- Re: Microsoft announce most secure OS on the planet David Harley (Apr 21)
- Re: Microsoft announce most secure OS on the planet Gadi Evron (Apr 20)
- Re: Microsoft announce most secure OS on the planet Valdis . Kletnieks (Apr 20)
- Re: Microsoft announce most secure OS on the planet der Mouse (Apr 20)
- Re: Microsoft announce most secure OS on the planet Rob, grandpa of Ryan, Trevor, Devon & Hannah (Apr 20)
- Re: Microsoft announce most secure OS on the planet Dragos Ruiu (Apr 20)
- Re: Microsoft announce most secure OS on the planet Nick FitzGerald (Apr 20)
- Re: Microsoft announce most secure OS on the planet der Mouse (Apr 20)